Trust, explained

The Trust Layer for AI Agents

Agents do not need “more tools.” They need tools they can trust. FunctionFly turns functions into verified, signed, auditable building blocks with execution-backed trust scores.

Verification levels Trust API

Verification levels

Each level adds deeper assurance before a tool can be considered “trusted.”

Format checks

Validate manifest structure and I/O schema.

Security scans

Scan for risky behaviors and validate capability constraints.

Code review

Manual and automated review of safety-relevant aspects.

Platform verified

Signed and reviewed as official/recommended tooling.

Signing, attestations, revocation

Trust is portable because verification becomes an immutable record.

Signing: Function artifacts include platform signatures.
Attestations: Verifiable records of what was checked and when.
Revocation: If a tool is flagged, it can be downgraded or removed from trusted pools.

What agents see

A trust score and policy-relevant metadata (capabilities, constraints, and verification level).

Execution-backed trust

Trust scores compound from real execution history so “it ran” and “it ran safely” are both represented.

Zero-knowledge vault

Secrets are encrypted client-side. FunctionFly stores ciphertext only, enabling agent tools without exposing plaintext secrets.

Trust API (usage-based)

Query attestations, trust scores, and revocation state. Bill on usage so agent workloads can adapt trust dynamically.

Trust score lifecycle

Trust is not a static label. It starts at publish-time, evolves with execution history, and can be updated through verification, reports, and revocations.

Publish

A function is published with a manifest and a declared I/O contract.

Verify

Verification stages validate structure, security, and safety-relevant behavior.

Sign & attest

Attestations become immutable records that agents can reason about.

Execute

Real execution updates trust score components over time.

Evolve

History, reports, and revocation keep trust current for agents and clients.

Trust API for agents

Use a scoped API key to read trust scores and trigger verification workflows from your agent runtime.

Get trust score: GET /v1/trust/score/{function_id}
Batch scores: POST /v1/trust/batch
Get history: GET /v1/trust/history/{function_id}
Submit verification: POST /v1/trust/verify

Scopes matter

Trust read endpoints require an API key; verification and reporting endpoints require the corresponding scopes (e.g. verification:request and reports:submit).

Example: submit verification

Trigger a verification run for a function version, then query status until the verification completes.

POST /v1/trust/verify
Authorization: Bearer API_KEY
Content-Type: application/json

{
  "function_id": "550e8400-e29b-41d4-a716-446655440002",
  "function_version": "1.2.0",
  "verification_level": "standard",
  "metadata": {
    "use_case": "data_processing",
    "expected_traffic": "high"
  }
}

{
  "id": "550e8400-e29b-41d4-a716-446655440005",
  "verification_id": "vfy_abc123def456",
  "function_id": "550e8400-e29b-41d4-a716-446655440002",
  "function_author": "alice",
  "function_name": "data-processor",
  "function_version": "1.2.0",
  "verification_level": "standard",
  "status": "pending",
  "created_at": "2026-03-21T10:00:00Z"
}

Why FunctionFly wins on trust

No other platform combines verification, trust scoring, and zero-knowledge security.

Feature

FunctionFly

RapidAPI

Toolhouse

Theagora

Trust scoring

✓

—

Partial

Multi-level verification

✓

—

✓

Zero-knowledge vault

✓

—

Function execution

✓

—

✓

Agent-native tool discovery

✓

—

✓

Ready to build with trusted tools?

Browse trusted functions in the marketplace, or run your own agent trust policy to select tools safely.

Get Started Free See trust-aligned pricing